Spyware I can't seem to get rid of
21-02-2004, 22:08
|
#1
|
|
!
Join Date: Jul 2003
Location: Eglinton, Co. Derry
Posts: 7,640
|
Spyware I can't seem to get rid of
I have some malware that's altering my registry at the moment, istsvc, it alters some registry key (see attached) despite me removing it. I run Ad-aware pro with the latest reference file and it detects it, claims to remove it, but if I run another scan straight away, it finds it again, regardless of whether a browser is open or not, I then tried Spybot with the latest updates it didn't even detect it, how do I get rid of it? (it's not picked up by Avast either).
|
|
|
|
21-02-2004, 22:12
|
#2
|
|
Guest
Location: Luton
Services: NTL Nafband
Posts: n/a
|
Re: Spyware I can't seem to get rid of
Quote:
|
Originally Posted by Bifta
I have some malware that's altering my registry at the moment, istsvc, it alters some registry key (see attached) despite me removing it. I run Ad-aware pro with the latest reference file and it detects it, claims to remove it, but if I run another scan straight away, it finds it again, regardless of whether a browser is open or not, I then tried Spybot with the latest updates it didn't even detect it, how do I get rid of it? (it's not picked up by Avast either).
|
Its something starting up from the registery.
Run Regedit and check..
Hkey local machine / software / microsoft windows / current version / run
HTH
Edit : It may not be spyware - Adaware pro often false alarms !!
|
|
|
|
|
21-02-2004, 22:13
|
#3
|
|
[NTHW] pc clan
Join Date: Jun 2003
Location: Tonbridge
Age: 45
Services: Be*Pro ADSL2+
Posts: 19,702
|
Re: Spyware I can't seem to get rid of
What effect does it have when it alters the registry?
__________________
Step by step, walk the thousand mile road...
-----------------------------------------------------
nthwgaming.co.uk
|
|
|
|
|
21-02-2004, 22:14
|
#4
|
|
!
Join Date: Jul 2003
Location: Eglinton, Co. Derry
Posts: 7,640
|
Re: Spyware I can't seem to get rid of
Quote:
|
Originally Posted by stuartbe
Its something starting up from the registery.
Run Regedit and check..
Hkey local machine / software / microsoft windows / current version / run
HTH
Edit : It may not be spyware - Adaware pro often false alarms !!
|
I know that!!!  The ad watch thing show's it trying to install the registry key, but I can't find where the remove the program that's actually doing it, it's not under c:/program files/ and it's not hidden either .. very confused
|
|
|
|
|
21-02-2004, 22:15
|
#5
|
|
!
Join Date: Jul 2003
Location: Eglinton, Co. Derry
Posts: 7,640
|
Re: Spyware I can't seem to get rid of
Quote:
|
Originally Posted by Ramrod
What effect does it have when it alters the registry?
|
It then alters my default homepage to some crappy search engine.
|
|
|
|
|
21-02-2004, 22:16
|
#6
|
|
Guest
|
Re: Spyware I can't seem to get rid of
Quote:
|
Originally Posted by Bifta
I have some malware that's altering my registry at the moment, istsvc, it alters some registry key (see attached) despite me removing it. I run Ad-aware pro with the latest reference file and it detects it, claims to remove it, but if I run another scan straight away, it finds it again, regardless of whether a browser is open or not, I then tried Spybot with the latest updates it didn't even detect it, how do I get rid of it? (it's not picked up by Avast either).
|
jv16 power tools is good for removing stuff from the registry - you have to pay for the 'later' versions, though?
|
|
|
|
|
21-02-2004, 22:17
|
#7
|
|
!
Join Date: Jul 2003
Location: Eglinton, Co. Derry
Posts: 7,640
|
Re: Spyware I can't seem to get rid of
Quote:
|
Originally Posted by homealone
jv16 power tools is good for removing stuff from the registry - you have to pay for the 'later' versions, though?
|
I can delete the registry key through regedt32 but it keeps altering the registry automatically and sticks the key back in 
|
|
|
|
|
21-02-2004, 22:17
|
#8
|
|
Guest
Location: Luton
Services: NTL Nafband
Posts: n/a
|
Re: Spyware I can't seem to get rid of
Quote:
|
Originally Posted by Bifta
I know that!!! The ad watch thing show's it trying to install the registry key, but I can't find where the remove the program that's actually doing it, it's not under c:/program files/ and it's not hidden either .. very confused |
Have you searched for the file name in regedit ?
|
|
|
|
|
21-02-2004, 22:20
|
#9
|
|
[NTHW] pc clan
Join Date: Jun 2003
Location: Tonbridge
Age: 45
Services: Be*Pro ADSL2+
Posts: 19,702
|
Re: Spyware I can't seem to get rid of
Thought so, this may be of use 
__________________
Step by step, walk the thousand mile road...
-----------------------------------------------------
nthwgaming.co.uk
|
|
|
|
|
21-02-2004, 22:21
|
#10
|
|
!
Join Date: Jul 2003
Location: Eglinton, Co. Derry
Posts: 7,640
|
Re: Spyware I can't seem to get rid of
Quote:
|
Originally Posted by stuartbe
Have you searched for the file name in regedit ?
|
I've removed all entries for it, there's something installed that readding the key though.
|
|
|
|
|
21-02-2004, 22:24
|
#11
|
|
Guest
|
Re: Spyware I can't seem to get rid of
Quote:
|
Originally Posted by Bifta
I can delete the registry key through regedt32 but it keeps altering the registry automatically and sticks the key back in |
jv16 has been good for me during an ATI multimedia card install, - I'm biased - but given the rate of £ against the $ ? :pp
|
|
|
|
|
21-02-2004, 22:25
|
#12
|
|
Guest
Location: Luton
Services: NTL Nafband
Posts: n/a
|
Re: Spyware I can't seem to get rid of
Have you searched the hdd for the file.... It may be a driver of some sort that is installing it !
|
|
|
|
|
21-02-2004, 22:26
|
#13
|
|
!
Join Date: Jul 2003
Location: Eglinton, Co. Derry
Posts: 7,640
|
Re: Spyware I can't seem to get rid of
Quote:
|
Originally Posted by homealone
jv16 has been good for me during an ATI multimedia card install, - I'm biased - but given the rate of £ against the $ ? :pp |
Ummmm, deleting the registry keys isn't cutting it, they're getting re-added as fast as I can delete them.
|
|
|
|
|
21-02-2004, 22:27
|
#14
|
|
Guest
Location: Luton
Services: NTL Nafband
Posts: n/a
|
Re: Spyware I can't seem to get rid of
Quote:
|
Originally Posted by Bifta
Ummmm, deleting the registry keys isn't cutting it, they're getting re-added as fast as I can delete them.
|
There is allways deltree /y *.* --- No dont do that
|
|
|
|
|
21-02-2004, 22:31
|
#15
|
|
[NTHW] pc clan
Join Date: Jun 2003
Location: Tonbridge
Age: 45
Services: Be*Pro ADSL2+
Posts: 19,702
|
Re: Spyware I can't seem to get rid of
Have you looked through that link?
__________________
Step by step, walk the thousand mile road...
-----------------------------------------------------
nthwgaming.co.uk
|
|
|
|
|
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
|
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
All times are GMT. The time now is 04:44.
|
Join CF
You are here: 
